prima: SME command queue hang in TDLS Off Channel ioctl
During off channel ioctl the response was being dropped in
wda itself and not releasing the command in SME which was
causing the next command to block.
Change-Id: I53ad6f8ab393789acc7d5a29ca41d747973c4d63
CRs-Fixed: 709668
diff --git a/CORE/MAC/inc/sirApi.h b/CORE/MAC/inc/sirApi.h
index 8a32e8c..0e0ee1a 100644
--- a/CORE/MAC/inc/sirApi.h
+++ b/CORE/MAC/inc/sirApi.h
@@ -4220,6 +4220,16 @@
tSirMacAddr peerMac;
}tSirTdlsChanSwitch, *tpSirTdlsChanSwitch;
+/* TDLS Resp struct */
+typedef struct
+{
+ tANI_U16 messageType; // eWNI_SME_TDLS_CHANNEL_SWITCH_RSP
+ tANI_U16 length;
+ tANI_U8 sessionId; // Session ID
+ tANI_U16 transactionId; // Transaction ID for cmd
+ tSirResultCodes statusCode;
+ tSirMacAddr peerMac;
+}tSirTdlsChanSwitchReqRsp, *tpSirTdlsChanSwitchReqRsp;
#endif /* FEATURE_WLAN_TDLS */
#ifdef FEATURE_WLAN_TDLS_INTERNAL
diff --git a/CORE/MAC/inc/wniApi.h b/CORE/MAC/inc/wniApi.h
index 30441d7..7244112 100644
--- a/CORE/MAC/inc/wniApi.h
+++ b/CORE/MAC/inc/wniApi.h
@@ -338,6 +338,7 @@
eWNI_SME_TDLS_LINK_ESTABLISH_RSP,
// tdlsoffchan
eWNI_SME_TDLS_CHANNEL_SWITCH_REQ,
+ eWNI_SME_TDLS_CHANNEL_SWITCH_RSP,
#endif
//NOTE: If you are planning to add more mesages, please make sure that
//SIR_LIM_ITC_MSG_TYPES_BEGIN is moved appropriately. It is set as
diff --git a/CORE/MAC/src/pe/lim/limProcessMessageQueue.c b/CORE/MAC/src/pe/lim/limProcessMessageQueue.c
index 36d145e..0a8082f 100644
--- a/CORE/MAC/src/pe/lim/limProcessMessageQueue.c
+++ b/CORE/MAC/src/pe/lim/limProcessMessageQueue.c
@@ -2252,6 +2252,40 @@
limMsg->bodyptr = NULL;
break;
}
+
+ case WDA_SET_TDLS_CHAN_SWITCH_REQ_RSP:
+ {
+ tpPESession psessionEntry;
+ tANI_U8 sessionId;
+ tTdlsChanSwitchParams *pTdlsChanSwitchParams;
+ pTdlsChanSwitchParams = (tTdlsChanSwitchParams*) limMsg->bodyptr;
+
+ if((psessionEntry = peFindSessionByStaId(pMac,
+ pTdlsChanSwitchParams->staIdx,
+ &sessionId))== NULL)
+ {
+ limLog(pMac, LOGE, FL("session %u does not exist.\n"), sessionId);
+ /* Still send the eWNI_SME_TDLS_LINK_ESTABLISH_RSP message to SME
+ with session id as zero and status as FAILURE so, that message
+ queued in SME queue can be freed to prevent the SME cmd buffer leak */
+ limSendSmeTdlsChanSwitchReqRsp(pMac,
+ 0,
+ NULL,
+ NULL,
+ eSIR_FAILURE);
+ }
+ else
+ {
+ limSendSmeTdlsChanSwitchReqRsp(pMac,
+ psessionEntry->smeSessionId,
+ NULL,
+ NULL,
+ pTdlsChanSwitchParams->status) ;
+ }
+ vos_mem_free((v_VOID_t *)(limMsg->bodyptr));
+ limMsg->bodyptr = NULL;
+ break;
+ }
#endif
case WDA_RX_SCAN_EVENT:
diff --git a/CORE/MAC/src/pe/lim/limProcessTdls.c b/CORE/MAC/src/pe/lim/limProcessTdls.c
index 8a2a5ba..d1f2284 100644
--- a/CORE/MAC/src/pe/lim/limProcessTdls.c
+++ b/CORE/MAC/src/pe/lim/limProcessTdls.c
@@ -5318,6 +5318,37 @@
}
/*
+ * Send Response to Chan Switch Request to SME
+ */
+void limSendSmeTdlsChanSwitchReqRsp(tpAniSirGlobal pMac,
+ tANI_U8 sessionId, tSirMacAddr peerMac, tDphHashNode *pStaDs,
+ tANI_U8 status)
+{
+ tSirMsgQ mmhMsg = {0} ;
+
+ tSirTdlsChanSwitchReqRsp *pTdlsChanSwitchReqRsp = NULL ;
+
+ pTdlsChanSwitchReqRsp = vos_mem_malloc(sizeof(tSirTdlsChanSwitchReqRsp));
+ if ( NULL == pTdlsChanSwitchReqRsp )
+ {
+ PELOGE(limLog(pMac, LOGE, FL("Failed to allocate memory"));)
+ return ;
+ }
+ pTdlsChanSwitchReqRsp->statusCode = status ;
+ if ( peerMac )
+ {
+ vos_mem_copy(pTdlsChanSwitchReqRsp->peerMac, peerMac, sizeof(tSirMacAddr));
+ }
+ pTdlsChanSwitchReqRsp->sessionId = sessionId;
+ mmhMsg.type = eWNI_SME_TDLS_CHANNEL_SWITCH_RSP ;
+ mmhMsg.bodyptr = pTdlsChanSwitchReqRsp;
+ mmhMsg.bodyval = 0;
+ limSysProcessMmhMsgApi(pMac, &mmhMsg, ePROT);
+ return ;
+
+
+}
+/*
* Once link is teardown, send Del Peer Ind to SME
*/
static eHalStatus limSendSmeTdlsDelStaRsp(tpAniSirGlobal pMac,
@@ -5879,6 +5910,9 @@
VOS_TRACE(VOS_MODULE_ID_PE, VOS_TRACE_LEVEL_ERROR,
"PE Session does not exist for given sme sessionId %d",
pTdlsChanSwitch->sessionId);
+ limSendSmeTdlsChanSwitchReqRsp(pMac, pTdlsChanSwitch->sessionId,
+ pTdlsChanSwitch->peerMac,
+ NULL, eSIR_FAILURE) ;
return eSIR_FAILURE;
}
@@ -5963,6 +5997,9 @@
return eSIR_SUCCESS;
lim_tdls_chan_switch_error:
+ limSendSmeTdlsChanSwitchReqRsp(pMac, pTdlsChanSwitch->sessionId,
+ pTdlsChanSwitch->peerMac,
+ NULL, eSIR_FAILURE);
return eSIR_FAILURE;
}
diff --git a/CORE/MAC/src/pe/lim/limSendSmeRspMessages.h b/CORE/MAC/src/pe/lim/limSendSmeRspMessages.h
index 65fd58c..5f6f6cf 100644
--- a/CORE/MAC/src/pe/lim/limSendSmeRspMessages.h
+++ b/CORE/MAC/src/pe/lim/limSendSmeRspMessages.h
@@ -115,6 +115,9 @@
void limSendSmeTdlsLinkEstablishReqRsp(tpAniSirGlobal pMac,
tANI_U8 sessionId, tSirMacAddr peerMac, tDphHashNode *pStaDs,
tANI_U8 status);
+void limSendSmeTdlsChanSwitchReqRsp(tpAniSirGlobal pMac,
+ tANI_U8 sessionId, tSirMacAddr peerMac, tDphHashNode *pStaDs,
+ tANI_U8 status);
#endif
#endif /* __LIM_SEND_SME_RSP_H */
diff --git a/CORE/SME/src/csr/csrTdlsProcess.c b/CORE/SME/src/csr/csrTdlsProcess.c
index bc1be31..9b33416 100644
--- a/CORE/SME/src/csr/csrTdlsProcess.c
+++ b/CORE/SME/src/csr/csrTdlsProcess.c
@@ -1265,6 +1265,23 @@
break;
}
+ case eWNI_SME_TDLS_CHANNEL_SWITCH_RSP:
+ {
+#if 0
+ tSirTdlsChanSwitchReqRsp *ChanSwitchReqRsp = (tSirTdlsChanSwitchReqRsp *) pMsgBuf ;
+ tCsrRoamInfo roamInfo = {0} ;
+ vos_mem_copy(&roamInfo.peerMac, delStaRsp->peerMac,
+ sizeof(tSirMacAddr)) ;
+ roamInfo.staId = delStaRsp->staId ;
+ roamInfo.statusCode = delStaRsp->statusCode ;
+ csrRoamCallCallback(pMac, ChanSwitchReqRsp->sessionId, &roamInfo, 0,
+ eCSR_ROAM_TDLS_STATUS_UPDATE,
+ eCSR_ROAM_RESULT_LINK_ESTABLISH_REQ_RSP);
+#endif
+ /* remove pending eSmeCommandTdlsChanSwitch command */
+ csrTdlsRemoveSmeCmd(pMac, eSmeCommandTdlsChannelSwitch);
+ break;
+ }
#ifdef FEATURE_WLAN_TDLS_INTERNAL
case eWNI_SME_TDLS_DISCOVERY_START_RSP:
{
diff --git a/CORE/SME/src/sme_common/sme_Api.c b/CORE/SME/src/sme_common/sme_Api.c
index 28f683a..ce685a2 100644
--- a/CORE/SME/src/sme_common/sme_Api.c
+++ b/CORE/SME/src/sme_common/sme_Api.c
@@ -2205,6 +2205,7 @@
case eWNI_SME_TDLS_DEL_ALL_PEER_IND:
case eWNI_SME_MGMT_FRM_TX_COMPLETION_IND:
case eWNI_SME_TDLS_LINK_ESTABLISH_RSP:
+ case eWNI_SME_TDLS_CHANNEL_SWITCH_RSP:
#ifdef FEATURE_WLAN_TDLS_INTERNAL
case eWNI_SME_TDLS_DISCOVERY_START_RSP:
case eWNI_SME_TDLS_DISCOVERY_START_IND:
diff --git a/CORE/WDA/src/wlan_qct_wda.c b/CORE/WDA/src/wlan_qct_wda.c
index 3375449..5fb309d 100644
--- a/CORE/WDA/src/wlan_qct_wda.c
+++ b/CORE/WDA/src/wlan_qct_wda.c
@@ -7541,14 +7541,20 @@
{
VOS_TRACE( VOS_MODULE_ID_WDA, VOS_TRACE_LEVEL_ERROR,
"%s: pWdaParams received NULL", __func__);
- vos_mem_free(pWdaParams->wdaWdiApiMsgParam);
VOS_ASSERT(0) ;
return ;
}
pWDA = (tWDA_CbContext *) pWdaParams->pWdaContext;
+ if(NULL == pWdaParams)
+ {
+ VOS_TRACE( VOS_MODULE_ID_WDA, VOS_TRACE_LEVEL_ERROR,
+ "%s: pWdaParams received NULL", __func__);
+ VOS_ASSERT(0) ;
+ return ;
+ }
pTdlsChanSwitchParams = (tTdlsChanSwitchParams *)pWdaParams->wdaMsgParam ;
- if( NULL == pTdlsChanSwitchParams || pWDA == NULL )
+ if( NULL == pTdlsChanSwitchParams )
{
VOS_TRACE( VOS_MODULE_ID_WDA, VOS_TRACE_LEVEL_ERROR,
"%s: pTdlsChanSwitchParams "
@@ -7560,11 +7566,10 @@
}
pTdlsChanSwitchParams->status = CONVERT_WDI2SIR_STATUS(
wdiSetTdlsChanSwitchReqRsp->wdiStatus);
- vos_mem_free(pTdlsChanSwitchParams) ;
vos_mem_free(pWdaParams->wdaWdiApiMsgParam) ;
vos_mem_free(pWdaParams);
- /* send response to UMAC
- WDA_SendMsg(pWDA, WDA_SET_TDLS_CHAN_SWITCH_REQ_RSP, pTdlsChanSwitchParams, 0) ;*/
+ /* send response to UMAC*/
+ WDA_SendMsg(pWDA, WDA_SET_TDLS_CHAN_SWITCH_REQ_RSP, pTdlsChanSwitchParams, 0) ;
return ;
}